https://www.drmax.cz/

Copy link

The outgoing links identified from the page

LinkText
https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/loga - opens in a new window
https://www.luigisbox.com/privacy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://usercentrics.com/privacy-policy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://www.criteo.com/privacy/corporate-privacy-policy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://business.safety.google/privacy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://www.id5.io/privacyZjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://privacy.microsoft.com/en-US/privacystatementZjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://www.nativo.com/privacy-policyZjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://www.convert.com/privacy-policy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli
https://www.cookiebot.com/goto/privacy-policy/Zjistit více o tomto poskytovateli - opens in a new windowZjistit více o tomto poskytovateli

JavaScript Variables · 71 found

Copy link

Global JavaScript variables loaded on the window object of a page, are variables declared outside of functions and accessible from anywhere in the code within the current scope

NameType
0object
1object
2object
onbeforetoggleobject
documentPictureInPictureobject
onscrollendobject
nsfobject
dataLayerV2object
initLUXfunction
ccundefined

Console log messages · 15 found

Copy link

Messages logged to the web console

LevelSourceMessage
errornetwork
URL
https://events.drmax.cz/container?l=dataLayerV2
Text
Failed to load resource: the server responded with a status of 400 ()
errorsecurity
URL
https://www.googletagmanager.com/gtm.js?id=GTM-PP52DD&l=dataLayerV2
Text
[Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/loader.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
logother
URL
https://scripts.persoo.cz/vh0ouis9qu40h2holseh6t8s/p/actions.js
Text
*** Persoo adding listener
errorsecurity
URL
https://cdn-4.convertexperiments.com/static/v1/signals.observer.min.js
Text
[Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://www.drmax.cz/
Text
[Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/loader.js
Text
[Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/loader.js
Text
[Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
Text
[Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
Text
[Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
Text
[Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
Text
[Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/loader.js
Text
[Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://web.cmp.usercentrics.eu/ui/loader.js
Text
[Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js
Text
[Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
errorsecurity
URL
https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js
Text
[Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

HTML

Copy link

The raw HTML body of the page